package nl.knowledgeplaza.securityfilter;

import java.security.Principal;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Timestamp;
import java.util.Collections;
import java.util.Date;
import java.util.GregorianCalendar;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import java.util.TreeMap;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import nl.knowledgeplaza.util.CalendarUtil;
import nl.knowledgeplaza.util.ExceptionUtil;
import nl.knowledgeplaza.util.JdbcUtil;
import nl.knowledgeplaza.util.pool.JdbcConnectionPoolFactoryServletUtils;
import nl.knowledgeplaza.util.pool.ObjectPool;
import org.apache.axis2.description.java2wsdl.Java2WSDLConstants;
import org.apache.log4j.Logger;
import org.apache.log4j.spi.Configurator;
import org.apache.log4j.spi.LocationInfo;

/* loaded from: input_file:WEB-INF/lib/KpSecurityFilter-1.30.jar:nl/knowledgeplaza/securityfilter/SecurityFilterJDBC.class */
public class SecurityFilterJDBC extends SecurityFilter {
    public static final String SOURCECODE_VERSION = "$Revision: 1.24 $";
    static Logger cLog4J = Logger.getLogger(SecurityFilterJDBC.class);
    private String iJdbcPoolName = null;
    private String iJdbcClassName = null;
    private String iJdbcUrl = null;
    private String iJdbcUsername = null;
    private String iJdbcPassword = null;
    private String iSql = null;
    private String iUserTable = null;
    private String iUserTableNameCol = null;
    private String iUserTablePasswordCol = null;
    private String iUserTableContextCol = null;
    private String iUserTableLastLoginCol = null;
    private String iUserTableCurrentLoginCol = null;
    private String iUserTableActiveFromCol = null;
    private String iUserTableActiveUntilCol = null;
    private String iUserTableFailedLoginDateCol = null;
    private int iUserTableFailedLoginLockedPeriod = 0;
    private String iUserTableFailedLoginCountCol = null;
    private int iUserTableFailedLoginMaxRetries = 0;
    private Map iConnectionToPool = Collections.synchronizedMap(new HashMap());

    @Override // nl.knowledgeplaza.securityfilter.SecurityFilter
    public void initialize() throws ServletException {
        super.initialize();
        this.iJdbcPoolName = this.iConfigurationProperties.get2(this, "JdbcPoolName");
        this.iJdbcClassName = this.iConfigurationProperties.get2(this, "JdbcClassName");
        this.iJdbcUrl = this.iConfigurationProperties.get2(this, "JdbcUrl");
        this.iJdbcUsername = this.iConfigurationProperties.get2(this, "JdbcUsername");
        this.iJdbcPassword = this.iConfigurationProperties.get2(this, "JdbcPassword");
        this.iSql = this.iConfigurationProperties.get2(this, "sql");
        this.iUserTable = this.iConfigurationProperties.get2(this, "UserTable");
        this.iUserTableNameCol = this.iConfigurationProperties.get2(this, "UserTableNameCol");
        this.iUserTablePasswordCol = this.iConfigurationProperties.get2(this, "UserTablePasswordCol");
        this.iUserTableContextCol = this.iConfigurationProperties.get2(this, "UserTableContextCol");
        this.iUserTableLastLoginCol = this.iConfigurationProperties.get2(this, "UserTableLastLoginCol");
        this.iUserTableCurrentLoginCol = this.iConfigurationProperties.get2(this, "UserTableCurrentLoginCol");
        this.iUserTableActiveFromCol = this.iConfigurationProperties.get2(this, "UserTableActiveFromCol");
        if (this.iUserTableActiveFromCol != null && this.iUserTableActiveFromCol.length() == 0) {
            this.iUserTableActiveFromCol = null;
        }
        this.iUserTableActiveUntilCol = this.iConfigurationProperties.get2(this, "UserTableActiveUntilCol");
        if (this.iUserTableActiveUntilCol != null && this.iUserTableActiveUntilCol.length() == 0) {
            this.iUserTableActiveUntilCol = null;
        }
        this.iUserTableFailedLoginDateCol = this.iConfigurationProperties.get2(this, "UserTableFailedLoginDateCol");
        try {
            String str = this.iConfigurationProperties.get2(this, "UserTableFailedLoginLockedPeriod");
            if (str != null && str.length() > 0) {
                this.iUserTableFailedLoginLockedPeriod = Integer.parseInt(str);
            }
        } catch (NumberFormatException e) {
            cLog4J.error(ExceptionUtil.getStacktrace(e));
        }
        this.iUserTableFailedLoginCountCol = this.iConfigurationProperties.get2(this, "UserTableFailedLoginCountCol");
        try {
            String str2 = this.iConfigurationProperties.get2(this, "UserTableFailedLoginMaxRetries");
            if (str2 != null && str2.length() > 0) {
                this.iUserTableFailedLoginMaxRetries = Integer.parseInt(str2);
            }
        } catch (NumberFormatException e2) {
            cLog4J.error(ExceptionUtil.getStacktrace(e2));
        }
        if (cLog4J.isDebugEnabled()) {
            cLog4J.debug("JdbcPoolName=" + this.iJdbcPoolName);
        }
        if (cLog4J.isDebugEnabled()) {
            cLog4J.debug("JdbcClassName=" + this.iJdbcClassName);
        }
        if (cLog4J.isDebugEnabled()) {
            cLog4J.debug("JdbcUrl=" + this.iJdbcUrl);
        }
        if (cLog4J.isDebugEnabled()) {
            cLog4J.debug("JdbcUsername=" + this.iJdbcUsername);
        }
        if (cLog4J.isDebugEnabled()) {
            cLog4J.debug("JdbcPassword=" + this.iJdbcPassword);
        }
        if (cLog4J.isDebugEnabled()) {
            cLog4J.debug("sql=" + this.iSql);
        }
        if (cLog4J.isDebugEnabled()) {
            cLog4J.debug("UserTable=" + this.iUserTable);
        }
        if (cLog4J.isDebugEnabled()) {
            cLog4J.debug("UserTableNameCol=" + this.iUserTableNameCol);
        }
        if (cLog4J.isDebugEnabled()) {
            cLog4J.debug("UserTablePasswordCol=" + this.iUserTablePasswordCol);
        }
        if (cLog4J.isDebugEnabled()) {
            cLog4J.debug("UserTableContextCol=" + this.iUserTableContextCol);
        }
        if (cLog4J.isDebugEnabled()) {
            cLog4J.debug("UserTableLastLoginCol=" + this.iUserTableLastLoginCol);
        }
        if (cLog4J.isDebugEnabled()) {
            cLog4J.debug("UserTableCurrentLoginCol=" + this.iUserTableCurrentLoginCol);
        }
        if (cLog4J.isDebugEnabled()) {
            cLog4J.debug("UserTableActiveFromCol=" + this.iUserTableActiveFromCol);
        }
        if (cLog4J.isDebugEnabled()) {
            cLog4J.debug("UserTableActiveUntilCol=" + this.iUserTableActiveUntilCol);
        }
        if (cLog4J.isDebugEnabled()) {
            cLog4J.debug("UserTableFailedLoginDateCol=" + this.iUserTableFailedLoginDateCol);
        }
        if (cLog4J.isDebugEnabled()) {
            cLog4J.debug("UserTableFailedLoginLockedPeriod=" + this.iUserTableFailedLoginLockedPeriod);
        }
        if (cLog4J.isDebugEnabled()) {
            cLog4J.debug("UserTableFailedLoginCountCol=" + this.iUserTableFailedLoginCountCol);
        }
        if (cLog4J.isDebugEnabled()) {
            cLog4J.debug("UserTableFailedLoginMaxRetries=" + this.iUserTableFailedLoginMaxRetries);
        }
    }

    @Override // nl.knowledgeplaza.securityfilter.SecurityFilter
    public Principal authenticate(HttpServletRequest httpServletRequest, String str, String str2, String str3) throws ServletException {
        Connection connection;
        PreparedStatement prepareStatement;
        ResultSet executeQuery;
        if (cLog4J.isDebugEnabled()) {
            cLog4J.debug("Authenticating '" + str + (this.iUserTableContextCol == null ? "" : "@" + str3) + "', using JDBC");
        }
        SecurityFilterPrincipal securityFilterPrincipal = null;
        PreparedStatement preparedStatement = null;
        PreparedStatement preparedStatement2 = null;
        try {
            try {
                connection = getConnection(httpServletRequest);
                if (this.iSql == null) {
                    String str4 = "select " + this.iUserTablePasswordCol + "  from " + this.iUserTable + " where " + this.iUserTableNameCol + " = ?" + (this.iUserTableContextCol != null ? " and " + this.iUserTableContextCol + " = ?" : "");
                    if (cLog4J.isDebugEnabled()) {
                        cLog4J.debug(str4);
                    }
                    prepareStatement = connection.prepareStatement(str4);
                    prepareStatement.setString(1, str);
                    if (this.iUserTableContextCol != null) {
                        prepareStatement.setString(2, str3);
                    }
                    if (cLog4J.isDebugEnabled()) {
                        cLog4J.debug("SQL: " + str4);
                    }
                    executeQuery = prepareStatement.executeQuery();
                } else {
                    TreeMap treeMap = new TreeMap();
                    String str5 = this.iSql;
                    int indexOf = str5.indexOf("%username%");
                    if (indexOf >= 0) {
                        treeMap.put(new Integer(indexOf), str);
                        str5 = str5.replace("%username%", LocationInfo.NA);
                    }
                    int indexOf2 = str5.indexOf("%password%");
                    if (indexOf2 >= 0) {
                        treeMap.put(new Integer(indexOf2), str2);
                        str5 = str5.replace("%password%", LocationInfo.NA);
                    }
                    int indexOf3 = str5.indexOf("%context%");
                    if (indexOf3 >= 0) {
                        treeMap.put(new Integer(indexOf3), str3);
                        str5 = str5.replace("%context%", LocationInfo.NA);
                    }
                    prepareStatement = connection.prepareStatement(str5);
                    int i = 1;
                    Iterator it = treeMap.entrySet().iterator();
                    while (it.hasNext()) {
                        prepareStatement.setString(i, (String) ((Map.Entry) it.next()).getValue());
                        i++;
                    }
                    if (cLog4J.isDebugEnabled()) {
                        cLog4J.debug("SQL: " + str5);
                    }
                    executeQuery = prepareStatement.executeQuery();
                }
            } catch (SQLException e) {
                cLog4J.error(ExceptionUtil.getStacktrace(e));
                httpServletRequest.getSession().setAttribute(SecurityFilter.SESSIONATTRIBUTE_REASON, "Database problems");
                JdbcUtil.close((ResultSet) null);
                JdbcUtil.close((PreparedStatement) null);
                JdbcUtil.close((PreparedStatement) null);
                JdbcUtil.close((PreparedStatement) null);
                releaseConnection(httpServletRequest, null);
            }
            if (!executeQuery.next()) {
                if (cLog4J.isDebugEnabled()) {
                    cLog4J.debug("Authenticating '" + str + (this.iUserTableContextCol == null ? "" : "@" + str3) + "', user not found or password incorrect");
                }
                httpServletRequest.getSession().setAttribute(SecurityFilter.SESSIONATTRIBUTE_REASON, "User not found or password incorrect");
                JdbcUtil.close(executeQuery);
                JdbcUtil.close(prepareStatement);
                JdbcUtil.close((PreparedStatement) null);
                JdbcUtil.close((PreparedStatement) null);
                releaseConnection(httpServletRequest, connection);
                return null;
            }
            if (str2.equals(this.iUserTablePasswordCol != null ? executeQuery.getString(this.iUserTablePasswordCol) : executeQuery.getString(1))) {
                if (cLog4J.isDebugEnabled()) {
                    cLog4J.debug("Authenticating '" + str + (this.iUserTableContextCol == null ? "" : "@" + str3) + "', password matches, authenticated (for now)");
                }
                securityFilterPrincipal = new SecurityFilterPrincipal(str, str3);
            } else {
                if (cLog4J.isInfoEnabled()) {
                    cLog4J.info("Authenticating '" + str + (this.iUserTableContextCol == null ? "" : "@" + str3) + "', incorrect password");
                }
                httpServletRequest.getSession().setAttribute(SecurityFilter.SESSIONATTRIBUTE_REASON, "Password incorrect");
            }
            if (securityFilterPrincipal != null && !checkFailedLogin(executeQuery, str, str3)) {
                httpServletRequest.getSession().setAttribute(SecurityFilter.SESSIONATTRIBUTE_REASON, "Too-many-failed-logins grace period");
                securityFilterPrincipal = null;
            }
            if (securityFilterPrincipal != null && !checkActive(executeQuery, str, str3)) {
                httpServletRequest.getSession().setAttribute(SecurityFilter.SESSIONATTRIBUTE_REASON, "Account not active");
                securityFilterPrincipal = null;
            }
            if (securityFilterPrincipal != null && this.iUserTableLastLoginCol != null && this.iUserTableCurrentLoginCol != null) {
                String str6 = "update " + this.iUserTable + "   set " + this.iUserTableLastLoginCol + " = " + this.iUserTableCurrentLoginCol + " where " + this.iUserTableNameCol + " = ?" + (this.iUserTableContextCol == null ? "" : " and " + this.iUserTableContextCol + " = ?");
                if (cLog4J.isDebugEnabled()) {
                    cLog4J.debug(str6);
                }
                preparedStatement = connection.prepareStatement(str6);
                prepareStatement.setString(1, str);
                if (this.iUserTableContextCol != null) {
                    prepareStatement.setString(2, str3);
                }
                preparedStatement.execute();
                String str7 = "update " + this.iUserTable + "   set " + this.iUserTableCurrentLoginCol + " = ? where " + this.iUserTableNameCol + " = ?" + (this.iUserTableContextCol == null ? "" : " and " + this.iUserTableContextCol + " = ?");
                preparedStatement2 = connection.prepareStatement(str7);
                preparedStatement2.setTimestamp(1, new Timestamp(new Date().getTime()));
                prepareStatement.setString(2, str);
                if (this.iUserTableContextCol != null) {
                    prepareStatement.setString(3, str3);
                }
                if (cLog4J.isDebugEnabled()) {
                    cLog4J.debug(str7);
                }
                preparedStatement2.execute();
            }
            if (securityFilterPrincipal == null) {
                processFailedLogin(connection, executeQuery, str, str3);
            }
            JdbcUtil.close(executeQuery);
            JdbcUtil.close(prepareStatement);
            JdbcUtil.close(preparedStatement);
            JdbcUtil.close(preparedStatement2);
            releaseConnection(httpServletRequest, connection);
            return securityFilterPrincipal;
        } catch (Throwable th) {
            JdbcUtil.close((ResultSet) null);
            JdbcUtil.close((PreparedStatement) null);
            JdbcUtil.close((PreparedStatement) null);
            JdbcUtil.close((PreparedStatement) null);
            releaseConnection(httpServletRequest, null);
            throw th;
        }
    }

    private boolean checkActive(ResultSet resultSet, String str, String str2) throws SQLException {
        if (this.iUserTableActiveFromCol == null && this.iUserTableActiveUntilCol == null) {
            if (!cLog4J.isDebugEnabled()) {
                return true;
            }
            cLog4J.debug("Active parameters not configured, authentication is okay.");
            return true;
        }
        GregorianCalendar gregorianCalendar = new GregorianCalendar();
        if (this.iUserTableActiveFromCol != null) {
            java.sql.Date date = resultSet.getDate(this.iUserTableActiveFromCol);
            if (cLog4J.isDebugEnabled()) {
                cLog4J.debug("FromDate = " + date);
            }
            if (date != null) {
                GregorianCalendar gregorianCalendar2 = new GregorianCalendar();
                gregorianCalendar2.setTime(date);
                if (cLog4J.isDebugEnabled()) {
                    cLog4J.debug("Authenticating '" + str + "'@'" + str2 + "', ActiveFrom: " + (gregorianCalendar2 == null ? Configurator.NULL : "" + CalendarUtil.quickFormatCalendar(gregorianCalendar2)) + " (now = " + CalendarUtil.quickFormatCalendar(gregorianCalendar) + ")");
                }
                if (gregorianCalendar2 != null && gregorianCalendar2.after(gregorianCalendar)) {
                    if (!cLog4J.isInfoEnabled()) {
                        return false;
                    }
                    cLog4J.info("Authenticating '" + str + "'@'" + str2 + "' failed on ActiveFrom");
                    return false;
                }
            }
        }
        if (this.iUserTableActiveUntilCol == null) {
            return true;
        }
        java.sql.Date date2 = resultSet.getDate(this.iUserTableActiveUntilCol);
        if (cLog4J.isDebugEnabled()) {
            cLog4J.debug("UntilDate = " + date2);
        }
        if (date2 == null) {
            return true;
        }
        GregorianCalendar gregorianCalendar3 = new GregorianCalendar();
        gregorianCalendar3.setTime(date2);
        gregorianCalendar3.set(11, 23);
        gregorianCalendar3.set(12, 59);
        gregorianCalendar3.set(13, 59);
        if (cLog4J.isDebugEnabled()) {
            cLog4J.debug("Authenticating '" + str + "'@'" + str2 + "', ActiveUntil: " + CalendarUtil.quickFormatCalendar(gregorianCalendar3) + " (now = " + CalendarUtil.quickFormatCalendar(gregorianCalendar) + ")");
        }
        if (gregorianCalendar3 == null || !gregorianCalendar3.before(gregorianCalendar)) {
            return true;
        }
        if (!cLog4J.isInfoEnabled()) {
            return false;
        }
        cLog4J.info("Authenticating '" + str + "'@'" + str2 + "'  failed on ActiveUntil ");
        return false;
    }

    private boolean checkFailedLogin(ResultSet resultSet, String str, String str2) throws SQLException {
        if (this.iUserTableFailedLoginDateCol == null && this.iUserTableFailedLoginLockedPeriod == 0 && this.iUserTableFailedLoginCountCol == null && this.iUserTableFailedLoginMaxRetries == 0) {
            if (!cLog4J.isDebugEnabled()) {
                return true;
            }
            cLog4J.debug("Failed-login parameters not configured, authentication is okay.");
            return true;
        }
        if (this.iUserTableFailedLoginDateCol == null || this.iUserTableFailedLoginLockedPeriod == 0 || this.iUserTableFailedLoginCountCol == null || this.iUserTableFailedLoginMaxRetries == 0) {
            cLog4J.error("Failed-login parameters only partially configured.");
            return false;
        }
        GregorianCalendar gregorianCalendar = new GregorianCalendar();
        Timestamp timestamp = resultSet.getTimestamp(this.iUserTableFailedLoginDateCol);
        if (cLog4J.isDebugEnabled()) {
            cLog4J.debug("FailedLoginDate = " + timestamp);
        }
        if (timestamp == null) {
            return true;
        }
        GregorianCalendar gregorianCalendar2 = new GregorianCalendar();
        gregorianCalendar2.setTime(timestamp);
        if (cLog4J.isDebugEnabled()) {
            cLog4J.debug("Authenticating '" + str + "'@'" + str2 + "', FailedLoginDate: " + CalendarUtil.quickFormatCalendar(gregorianCalendar2));
        }
        if (gregorianCalendar2 == null) {
            return true;
        }
        gregorianCalendar2.add(13, this.iUserTableFailedLoginLockedPeriod);
        if (cLog4J.isDebugEnabled()) {
            cLog4J.debug("Authenticating '" + str + "'@'" + str2 + "', FailedLogin locked until: " + CalendarUtil.quickFormatCalendar(gregorianCalendar2) + " (now = " + CalendarUtil.quickFormatCalendar(gregorianCalendar) + ")");
        }
        if (!gregorianCalendar2.after(gregorianCalendar)) {
            return true;
        }
        if (!cLog4J.isInfoEnabled()) {
            return false;
        }
        cLog4J.info("Authenticating '" + str + "'@'" + str2 + "' failed, login is still locked due to too many failed logins");
        return false;
    }

    private void processFailedLogin(Connection connection, ResultSet resultSet, String str, String str2) throws SQLException {
        if ((this.iUserTableFailedLoginDateCol == null && this.iUserTableFailedLoginLockedPeriod == 0 && this.iUserTableFailedLoginCountCol == null && this.iUserTableFailedLoginMaxRetries == 0) || this.iUserTableFailedLoginDateCol == null || this.iUserTableFailedLoginLockedPeriod == 0 || this.iUserTableFailedLoginCountCol == null || this.iUserTableFailedLoginMaxRetries == 0) {
            return;
        }
        int i = resultSet.getInt(this.iUserTableFailedLoginCountCol);
        if (cLog4J.isDebugEnabled()) {
            cLog4J.debug("FailedLoginCount = " + i);
        }
        PreparedStatement preparedStatement = null;
        try {
            if (i + 1 > this.iUserTableFailedLoginMaxRetries) {
                GregorianCalendar gregorianCalendar = new GregorianCalendar();
                String str3 = "update " + this.iUserTable + "   set " + this.iUserTableFailedLoginDateCol + " = ?      , " + this.iUserTableFailedLoginCountCol + " = 0  where " + this.iUserTableNameCol + " = ?" + (this.iUserTableContextCol == null ? "" : " and " + this.iUserTableContextCol + " = '" + str2 + "'");
                if (cLog4J.isDebugEnabled()) {
                    cLog4J.debug("SQL=" + str3 + "   [" + gregorianCalendar.getTime() + ", '" + str + "']");
                }
                preparedStatement = connection.prepareStatement(str3);
                preparedStatement.setTimestamp(1, new Timestamp(gregorianCalendar.getTimeInMillis()));
                preparedStatement.setString(2, str);
                preparedStatement.executeUpdate();
            } else {
                String str4 = "update " + this.iUserTable + "   set " + this.iUserTableFailedLoginCountCol + " = " + this.iUserTableFailedLoginCountCol + " + 1 where " + this.iUserTableNameCol + " = ?" + (this.iUserTableContextCol == null ? "" : " and " + this.iUserTableContextCol + " = '" + str2 + "'");
                if (cLog4J.isDebugEnabled()) {
                    cLog4J.debug("SQL=" + str4 + "   ['" + str + "']");
                }
                preparedStatement = connection.prepareStatement(str4);
                preparedStatement.setString(1, str);
                preparedStatement.executeUpdate();
            }
            connection.commit();
            if (preparedStatement != null) {
                try {
                    preparedStatement.close();
                } catch (SQLException e) {
                    cLog4J.error(ExceptionUtil.getStacktrace(e));
                }
            }
        } catch (Throwable th) {
            if (preparedStatement != null) {
                try {
                    preparedStatement.close();
                } catch (SQLException e2) {
                    cLog4J.error(ExceptionUtil.getStacktrace(e2));
                    throw th;
                }
            }
            throw th;
        }
    }

    @Override // nl.knowledgeplaza.securityfilter.SecurityFilter
    public String getPassword(HttpServletRequest httpServletRequest, String str, String str2) throws ServletException {
        Connection connection;
        PreparedStatement prepareStatement;
        ResultSet executeQuery;
        if (cLog4J.isDebugEnabled()) {
            cLog4J.debug("getPassword '" + str + (this.iUserTableContextCol == null ? "" : "@" + str2) + "', using JDBC");
        }
        String str3 = null;
        try {
            try {
                connection = getConnection(httpServletRequest);
                if (this.iSql == null) {
                    String str4 = "select " + this.iUserTablePasswordCol + "  from " + this.iUserTable + " where " + this.iUserTableNameCol + " = ?" + (this.iUserTableContextCol == null ? "" : " and " + this.iUserTableContextCol + " = ?");
                    if (cLog4J.isDebugEnabled()) {
                        cLog4J.debug(str4);
                    }
                    prepareStatement = connection.prepareStatement(str4);
                    prepareStatement.setString(1, str);
                    if (this.iUserTableContextCol != null) {
                        prepareStatement.setString(1, str2);
                    }
                    if (cLog4J.isDebugEnabled()) {
                        cLog4J.debug("SQL: " + str4);
                    }
                    executeQuery = prepareStatement.executeQuery();
                } else {
                    TreeMap treeMap = new TreeMap();
                    String str5 = this.iSql;
                    int indexOf = str5.indexOf("%username%");
                    if (indexOf >= 0) {
                        treeMap.put(new Integer(indexOf), str);
                        str5 = str5.replace("%username%", LocationInfo.NA);
                    }
                    int indexOf2 = str5.indexOf("%context%");
                    if (indexOf2 >= 0) {
                        treeMap.put(new Integer(indexOf2), str2);
                        str5 = str5.replace("%username%", LocationInfo.NA);
                    }
                    prepareStatement = connection.prepareStatement(str5);
                    int i = 1;
                    Iterator it = treeMap.entrySet().iterator();
                    while (it.hasNext()) {
                        prepareStatement.setString(i, (String) ((Map.Entry) it.next()).getValue());
                        i++;
                    }
                    if (cLog4J.isDebugEnabled()) {
                        cLog4J.debug("SQL: " + str5);
                    }
                    executeQuery = prepareStatement.executeQuery();
                }
            } catch (SQLException e) {
                cLog4J.error(ExceptionUtil.getStacktrace(e));
                httpServletRequest.getSession().setAttribute(SecurityFilter.SESSIONATTRIBUTE_REASON, "Database problems");
                JdbcUtil.close((ResultSet) null);
                JdbcUtil.close((PreparedStatement) null);
                releaseConnection(httpServletRequest, null);
            }
            if (executeQuery.next()) {
                str3 = this.iUserTablePasswordCol != null ? executeQuery.getString(this.iUserTablePasswordCol) : executeQuery.getString(1);
                JdbcUtil.close(executeQuery);
                JdbcUtil.close(prepareStatement);
                releaseConnection(httpServletRequest, connection);
                return str3;
            }
            if (cLog4J.isDebugEnabled()) {
                cLog4J.debug("getPassword '" + str + (this.iUserTableContextCol == null ? "" : "@" + str2) + "', record does not exists");
            }
            JdbcUtil.close(executeQuery);
            JdbcUtil.close(prepareStatement);
            releaseConnection(httpServletRequest, connection);
            return null;
        } catch (Throwable th) {
            JdbcUtil.close((ResultSet) null);
            JdbcUtil.close((PreparedStatement) null);
            releaseConnection(httpServletRequest, null);
            throw th;
        }
    }

    private Connection getConnection(HttpServletRequest httpServletRequest) throws ServletException, SQLException {
        Connection connection;
        String str = SecurityFilterJDBC.class.getName() + Java2WSDLConstants.COLON_SEPARATOR + this.iJdbcUsername + "@" + this.iJdbcUrl;
        if (this.iJdbcPoolName != null) {
            if (cLog4J.isDebugEnabled()) {
                cLog4J.debug("Using JdbcPool " + this.iJdbcPoolName);
            }
            ObjectPool connectionPool = JdbcConnectionPoolFactoryServletUtils.getConnectionPool(httpServletRequest.getSession().getServletContext(), this.iJdbcPoolName, this.iConfigurationProperties);
            connection = (Connection) connectionPool.borrowObject();
            this.iConnectionToPool.put(connection, connectionPool);
        } else {
            if (cLog4J.isDebugEnabled()) {
                cLog4J.debug("Using the internal dedicated connection");
            }
            try {
                if (cLog4J.isDebugEnabled()) {
                    cLog4J.debug("Finding JDBC class " + this.iJdbcClassName);
                }
                Class.forName(this.iJdbcClassName);
                if (cLog4J.isDebugEnabled()) {
                    cLog4J.debug("Looking for jdbc connection in application context " + str);
                }
                connection = (Connection) httpServletRequest.getSession().getServletContext().getAttribute(str);
                if (connection == null) {
                    if (cLog4J.isDebugEnabled()) {
                        cLog4J.debug("Opening new connection " + this.iJdbcUrl + " as " + this.iJdbcUsername);
                    }
                    connection = DriverManager.getConnection(this.iJdbcUrl, this.iJdbcUsername, this.iJdbcPassword);
                    httpServletRequest.getSession().getServletContext().setAttribute(str, connection);
                } else if (cLog4J.isDebugEnabled()) {
                    cLog4J.debug("Connection found");
                }
            } catch (ClassNotFoundException e) {
                cLog4J.error(ExceptionUtil.getStacktrace(e));
                httpServletRequest.getSession().setAttribute(SecurityFilter.SESSIONATTRIBUTE_REASON, "JDBC driver not found");
                return null;
            }
        }
        return connection;
    }

    private void releaseConnection(HttpServletRequest httpServletRequest, Connection connection) {
        httpServletRequest.getSession().getServletContext().removeAttribute(SecurityFilterJDBC.class.getName() + Java2WSDLConstants.COLON_SEPARATOR + this.iJdbcUsername + "@" + this.iJdbcUrl);
        if (this.iConnectionToPool.containsKey(connection)) {
            try {
                ((ObjectPool) this.iConnectionToPool.get(connection)).returnObject(connection);
                this.iConnectionToPool.remove(connection);
            } catch (Throwable th) {
                this.iConnectionToPool.remove(connection);
                throw th;
            }
        }
    }
}
